CN1538655A - Device for block level offset codebook mode operation and method thereof - Google Patents

Device for block level offset codebook mode operation and method thereof Download PDF

Info

Publication number
CN1538655A
CN1538655A CNA2004100387557A CN200410038755A CN1538655A CN 1538655 A CN1538655 A CN 1538655A CN A2004100387557 A CNA2004100387557 A CN A2004100387557A CN 200410038755 A CN200410038755 A CN 200410038755A CN 1538655 A CN1538655 A CN 1538655A
Authority
CN
China
Prior art keywords
grouping
piece
unusual
frame
close
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2004100387557A
Other languages
Chinese (zh)
Inventor
̩
朴泰建
李甲周
南京完
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics Co Ltd filed Critical Samsung Electronics Co Ltd
Publication of CN1538655A publication Critical patent/CN1538655A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0637Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

A method of block-level encryption/decryption for an offset codebook mode of operation during transmission/reception can include: receiving a frame of data to encrypted/decrypted; beginning to divide the frame into at least two packets before receipt of the frame is completed; beginning to divide at least one of the packets into two or more blocks before receipt of the frame is completed; releasing the blocks of the at least one packet for encryption/decryption before receipt of the frame is completed; and enciphering/deciphering the blocks of the at least one packet before receipt of the frame is completed.

Description

Be used for the piece level and be offset close the manner apparatus operating and method thereof
The cross reference of related application
The application requires the priority of on February 17th, 2003 to the korean patent application NO.2003-09789 of Korea S Department of Intellectual Property application, and its disclosed content whole is here cited with for referencial use.
Technical field
The present invention relates to a kind of piece level that is used for and be offset close the manner apparatus operating and method thereof.
Background technology
Data encryption standard (DES), Advanced Encryption Standard (AES) etc. are suggested as the canonical algorithm that is used to encrypt.They have defined multiple mode, such as close (ECB) mode of electronics, and CBC (CBC) mode, output feedback (OFB) mode and cipher feedback (CFB) mode.Recently, close (OCB) mode of a kind of COUNTER mode and a kind of skew proposed.In the OCB mode, data network adopts block cipher (block cipher) and the various mode of utilizing this block cipher to carry out cryptographic operation.
Block cipher is a kind of encryption method, wherein, encryption key and algorithm application is arrived each data block, to generate ciphertext.In order to prevent that expressly same block is encoded in the message in the identical ciphertext, the ciphertext of previous cryptographic block is applied to next cryptographic block in proper order.For example, the initialization vector that is produced by random number generator closes with first agllutination expressly, produces identical ciphertext so that prevent the identical message of encrypting simultaneously.By this way, next piece has the ciphertext that is different from previous cryptographic block.
General encryption device is only carried out the deciphering of grouping after the reception of finishing whole group (packet), perhaps be sent to whole group is carried out in data network/encryption grouping before sending from data network encryption in the encryption grouping.Therefore, introduced and the corresponding time delay of such decryption/encryption.In addition, the system resource that is used to carry out such decryption/encryption is represented computing cost, so data processing amount reduces.In addition, encrypt, can not finish the deciphering of the encryption during sending or the reception period that divides into groups if before the frame that will be sent out is by segmentation, carry out.
Summary of the invention
At least one embodiment of the present invention provides a kind of level encrypting/decrypting method (another embodiment provides an equipment correspondingly), is used for the close the manner of skew in the operation of transmission/reception period.This quadrat method comprises: reception is with encrypted/decrypted data frame; Before finishing receiving, frame begins frame is divided at least two groupings; Before finishing receiving, frame begins at least one grouping is divided into two or more pieces; Before frame finished receiving, the piece that discharges at least one grouping was used for encrypt/decrypt; And the piece at least one grouping carries out encrypt/decrypt before frame finishes receiving.
To exemplary embodiment, in the detailed description of accompanying drawing and relevant claim, it is more clear that supplementary features of the present invention and advantage will become from subsequently.
Description of drawings
In the accompanying drawings:
Fig. 1 is a chart, situation about being sent out as a grouping for unsegmented frame has been described, according to the decryption method of close (being still OCB) mode of the utilization of embodiments of the invention skew with according to the branch group of received that is experienced and deciphering time of the correlation method of background technology;
Fig. 2 is a chart, illustrated for the situation of before the frame segmentation, using the close the manner of skew, according to the decryption method of utilizing the OCB mode of an alternative embodiment of the invention with according to the branch group of received that is experienced and deciphering time of the correlation method of background technology;
Fig. 3 is a calcspar, and the encryption/decryption device that is used to be offset close the manner according to an alternative embodiment of the invention has been described;
Fig. 4 is a more detailed calcspar, and the example arrangement according to the exception processing unit illustrated in fig. 3 of an alternative embodiment of the invention has been described;
Fig. 5 is a more detailed calcspar, and the example arrangement according to the cryptography processing units illustrated in fig. 3 of an alternative embodiment of the invention has been described;
Fig. 6 is a flow chart, and the deciphering that is used to handle unusual receiving course according to an alternative embodiment of the invention has been described;
Fig. 7 is a flow chart, understands the example according to the message header message pick-up program illustrated in fig. 6 of an alternative embodiment of the invention in more detail;
Fig. 8 is a flow chart, understands the example according to the exception handler illustrated in fig. 6 of an alternative embodiment of the invention in more detail;
Fig. 9 A-9B is a flow chart, understands the example according to the close the manner handling procedure of skew illustrated in fig. 6 of an alternative embodiment of the invention in more detail;
Figure 10 is a flow chart, understands the example according to the last block processor illustrated in fig. 6 of an alternative embodiment of the invention in more detail;
Figure 11 is a flow chart, understands the example according to the non-last block processor illustrated in fig. 6 of an alternative embodiment of the invention in more detail;
Figure 12 is a flow chart, has illustrated to be used for according to the reception of embodiments of the invention, is used for the encryption of process of transmitting;
Figure 13 A-13B forms a flow chart, understands the example according to the message header information router illustrated in fig. 12 of an alternative embodiment of the invention in more detail;
Figure 14 is a flow chart, understands the example according to the illustrated in fig. 12 last piece router of an alternative embodiment of the invention in more detail;
Figure 15 is a flow chart, understands the example according to the illustrated in fig. 12 non-last piece router of an alternative embodiment of the invention in more detail;
Figure 16 has illustrated that the BLOCKFRAG that occurs is unusual in the execution according to the example of an alternative embodiment of the invention;
Figure 17 A-17B has illustrated that the MACFRAG that occurs is unusual in the execution according to the example of an alternative embodiment of the invention;
Figure 18 is a block diagram, and the configuration according to the mobile system of an alternative embodiment of the invention has been described.
Embodiment
To quote the preferred embodiments of the present invention in detail now, its example describes in the accompanying drawings.Yet the present invention is not subjected to the restriction of the embodiment that this paper illustrates later, but the embodiment in being incorporated herein, so that the simple and complete understanding to scope and spirit of the present invention to be provided.
Now, will define the following used term of some embodiments of the present invention of describing.
Term " segmentation " refers to the transmission data section of being divided into, for example, and to improve the efficient of data communication.
Term " frame " refers to wants the data cell that sends.Frame can be very large, this frame is segmented into littler fragment (just well-known section) to such an extent as to made decision before carrying out actual transmissions.If the size of frame is greater than the sectional door limit value, then frame is by the segmentation/section of being divided into.If the size of frame is not more than the sectional door limit value, then frame is not by segmentation.
Term " grouping " refers to by each segment data that frame generated of division/segmentation, and is same, the section of being also referred to as.
Term " piece " refers to the data unit of different sizes.Piece is subjected to the influence of block cipher, and the size of piece depends on block cipher.A piece is less than a grouping (and typically, a grouping is less than a frame).Some block cipher is supported several sizes.Big young pathbreaker in the byte unit of piece is called as BLOCKSIZE.
Term " main body " refers to the payload portions of a grouping; The message header part that does not comprise grouping.
Term " message authentication codes " (MAC) refers to and is used to the code of determining whether data change during transfer of data.Usually, frame by frame or by calculating MAC group by group, and be attached to the afterbody (rear portion) of this frame or this grouping.Variable MACSIZE represents the size of the byte unit of MAC.
Term " nonce (nonce) " refers to an employed value of the key relevant with password, and all has different values for identical key in each frame or grouping.Usually, nonce combines with frame or grouping, and sends.Nonce can combine with main body or message header.Among described below at least one embodiment of the present invention, suppose that (for easy description) nonce is included in the message header.As selection, nonce can also combine with frame or grouping in one or more other mode.
" buffer ", for example, fifo type, can be considered to be placed on the front and back that is offset close.The input content sequentially is stored in the buffer of front, is offset close and takes out necessary data, and carry out an algorithm.Subsequently, output results to the buffer of back.The size of supposing (being still for easy description) buffer is unrestricted.
" RoundUp (x) " function refers to the value of round-up x.Among described below at least one embodiment of the present invention, suppose that (being still for easy description) numeral is an immediate value (perhaps, in other words, 10 °) by round-up.If the value of x has the numeral (representative has one mark) of numeral or decimal point back, then export x+1.If the value of x does not have the numeral (representative does not have one mark) of decimal point back, then export x.As selection, other the scheme that rounds off also can be used.
Fig. 1 is a chart, situation about being sent out as a grouping for unsegmented frame has been described, according to the decryption method of close (being still OCB) mode of the utilization of embodiments of the invention skew with according to the branch group of received that is experienced and deciphering time of such method of background technology; Referring to timeline (a).Here, according to identical frame, identical grouping is described with identical section and is received operation.
Shown as the timeline (a) at Fig. 1, unsegmented frame was complete when time Tc was represented in the reception of grouping.Indicated as the timeline (b) at Fig. 1, only from time T c, beginning is finished at time T f_ba after a while according to the deciphering of the OCB mode of background technology.Illustrate as timeline (c) at Fig. 1, when the algorithm used according to embodiments of the invention, begin to carry out deciphering (for example, according to the OCB mode) at grouping reception period block-by-block from time T b, this moment, the main body of grouping began to be received, and finished at time T f after a while.Therefore, only receive the inchoate background technology timeline in back (b) with the OCB mode as can be seen and compare, in timeline (c), reduced the time that branch group of received and deciphering are spent in whole group.
According to the corresponding embodiments of the invention of the timeline (c) of Fig. 1, (for example at first obtain message header information with 1 definite parameter of using by the OCB mode, the grouping size, the address, Deng), begin to carry out the OCB mode at time T S subsequently on the basis that part receives, this moment, first B1 was transfused to buffer.Described as timeline (c) at Fig. 1, if the execution speed of block cipher is enough fast, can when next second B2 is imported into buffer, first B1 be deciphered fully so.Therefore, when second B2 was imported into buffer, above-mentioned program was repeated.If the piece B1 of all receptions has fully been handled to Bn, can carry out relatively TAG_COM of label generation TAG_GEN and label, to finish deciphering.
According to of the present invention and timeline (c) respective embodiments Fig. 1, when the reception of dividing into groups (and similarly, sending) beginning, almost can begin the OCB mode simultaneously, and when the reception (and similarly, sending) of grouping when finishing, almost can be finished the OCB mode simultaneously.On the contrary, according to the corresponding background technology of timeline (b) because the OCB mode only could begin all groupings all receive after, therefore need be used for reception the longer time and decipher.
Fig. 2 is a chart, has illustrated for the situation of using the OCB mode before the frame segmentation, according to the decryption method of utilizing the OCB mode of an alternative embodiment of the invention with according to the branch group of received that is experienced and deciphering time of the correlation method of background technology.Here, utilization being had grouping PACKET1 is described to the situation that the frame of PACKET3 is sent out.As selection, can use the size and the segmentation that are different from frame illustrated in fig. 2.
Shown as timeline (a) at Fig. 2, grouping PACKET1, PACKET2, the section (fragment) of the frame that is sent has been finished in the reception representative of PACKET3 once the reception of finishing grouping PACKET3 at time T c3.Only decipher according to the OCB mode of background technology and after having received all groupings, can begin, promptly begin at time T c3.Yet,, can when receiving each grouping PACKET1-PACKET3, carry out the OCB mode to B1 to Bn block by block so if as the part receiving and deciphering of the indicated employing of timeline (c) according to embodiments of the invention.When being almost to finish the reception of each grouping, the result shown in the timeline (c) finished the OCB mode of each grouping.After the deciphering of PACKET3 is finished, carry out arrangement segmentation (defragmentation) DEFRAG in timeline (c), finish the deciphering of frame thus.
With timeline (c) respective embodiments of Fig. 2 in, as will be discussed below because segmentation will cause some problems (being also referred to as unusual).Therefore, also provide below to be used to handle and such operate relevant unusual technology with the OCB mode.
After this, configuration and the program according to the encryption device of the OCB mode of embodiments of the invention operations will describe in detail with reference to figure 3-17.
Fig. 3 is a calcspar, and the configuration of encrypt/decrypt (E/D) equipment 100 according to an alternative embodiment of the invention has been described.
With reference to figure 3, E/D equipment 100 comprises: control unit 102, exception processing unit 120 and cryptography processing units 130.In addition, E/D equipment 100 also comprises: input buffer (for example, fifo type) 104, input bus controller 106, output bus controller 114, block cipher engine 108, close memory 110 of skew and verification and memory 112.
Input buffer 104 for example, can be arranged to FIFO type buffering.Input buffer 104 is used for encrypting or decrypted data with the form reception of signal INPUT (input), and cushion the data that received subsequently, the size information that provides about the data of being stored to control unit 102, and the data of being stored are sent to input bus controller 106.
Input bus controller 106 will be routed to exception processing unit 120 and cryptography processing units 130 from the data that input buffer 104 transmits under the control of control unit 102.
Control unit 102 receives size information about the data of being stored from input buffer 104, and notifies it whether to have unusual generation by exception processing unit 120.Control unit 102 can comprise a finite state machine (FSM), and it can be used for handling unusual, for example, by receive corresponding information and the unit 106,108 and 120 that drives other in the mode that is fit to, handles unusual.
In order on the basis of block-by-block, the data that are stored in the input buffer 104 to be carried out encrypt/decrypt, control unit 102 control input bus controllers 106, the mode that increases progressively (increment) with piece arrives cryptography processing units 130 with the data releases (release) of storage, and wherein the size of each piece is no more than BLOCKSIZE.The OCB mode is applied to the piece level, rather than packet level (as carrying out according to background technology).Control unit 102 sends to block cipher engine 108 with encryption key, and indicates this key to be used for encrypting or deciphering.
Output bus controller 114 receives control signals from control unit 102, receives the data of being handled by cryptography processing units 130, and with the data after the cryptographic processing as signal OUTPUT (output).
Exception processing unit 120 determines whether to take place unusual based on the message header information of the grouping (deciphering situation) of grouping that will be sent out (encryption situation) or reception.If will take place unusually, be provided for control unit 102 about imminent unusual information, for example, shown in Fig. 4.Fig. 4 is a calcspar, understands the example according to the exception processing unit 120 of an alternative embodiment of the invention in more detail.
Specifically, go out as shown in FIG. 4, exception processing unit 120 comprises: segmentation exception processing unit 122, transmitter exception processing unit 124, retry exception processing unit 126 and message header memory.Exception processing unit 120 can at first receive the message header information from the grouping of input bus controller 106.Particularly, for example, processing unit 122 to 126 receives MOREFRAG bit, transmitter address TA and the retry bit of message header information respectively.Processing unit 122 to 126 determines whether to take place unusual.If determine can take place unusually, it is imminent unusual then to discern imminent unusual respective handling unit notice control unit 102, makes control unit 102 unusually adaptively to control encrypt/decrypt according to this.Processing unit 122 to 126 can with whole message header information or only be the transmitter address of message header information and MOREFRAG bit storage in message header memory 128, and use the message header information of being stored to determine whether to take place unusual (its solution is used at least a portion of the grouping that next will be transfused to).Exception processing unit 120 sends nonce, block length and transmitter address from the message header information extraction to control unit 102.
According to embodiments of the invention, if the OCB mode is carried out in the grouping of the section of representative frame, the situation with respect to carry out the OCB mode at packet level has been used for the piece level and has encrypted required time decreased.Thereby, with respect to background technology, E/D equipment and comprise that the service speed of the system of E/D equipment can be enhanced.In addition, can during piece level encrypt/decrypt, take place unusually; But solution proposes below.When going up execution OCB mode divide into groups (representing the part of fragmented frame), can take place to comprise unusually: segmentation is unusual, transmission is unusual and retry is unusual.
Particularly, segmentation refers to the segmentation that takes place owing to section is divided into piece unusually in section.In other words, not only frame can be by segmentation, and the segmentation of piece also is possible.Simple in order to describe, it is fragment that the segmentation of piece is described to block splitting.When being not equal to the integral multiple of size (that is, BLOCKSIZE (with byte mode)) of piece when the size (with byte mode) of section, divide.If division takes place, typically, last piece of section is the piece that divides.Can not/deciphering encrypted by the piece that divided in common mode; For example, the encrypt/decrypt by the delay division piece is up to the next one grouping beginning operation at identical or different frames, and this problem just can be processed.It is such that to be called as BLOCKFRAG unusually unusual.
Figure 16 has illustrated that the BLOCKFRAG that occurs in the execution according to the example of an alternative embodiment of the invention is unusual.In Figure 16, if the size of threshold value, BLOCKSIZE and the MAC of the length of frame (not comprising message header information hdr), section is respectively 70 bytes, 44 bytes, 16 bytes and 8 bytes, frame is segmented into first and second grouping FRAGMENT0 and the FRAGMENT1 subsequently, and size is respectively 44 bytes and 26 bytes.Because BLOCKSIZE is 16 bytes, and the size of FRAGMENT0 is not the integral multiple of BLOCKSIZE, the 3rd BLOCK2 (by chance being last piece) of the first grouping FRAGMENT0 divided, and last 12 bytes of the grouping FRAGMENT0 that wins can not be respectively being sent and reception period is encrypted or decipher.
The segmentation of frame need not to consider in the frequent message authentication codes of finding (MAC) of the end of grouping or frame.Segmentation can take place in a position in MAC.In encrypted or when deciphering when the frame of segmentation, can not distinguish which piece is last piece, up to receiving last section.It is such that to be called as MACFRAG unusually unusual.Under situation about receiving, last section is received, and when the main body size of the grouping of representing last section during less than MACSIZE, MACFRAG is unusual in generation.Under situation about sending, last section is received, and when the main body size of last section during less than MACSIZE, MACFRAG is unusual in generation.If the sectional door limit value is greater than or equal to MACSIZE, then satisfy such situation.Usually, because MACSIZE is less than BLOCKSIZE, and the threshold value of section is greater than or equal to BLOCKSIZE, can use such situation.
Figure 17 A and 17B have illustrated that the MACFRAG that occurs is unusual in the execution according to the example of an alternative embodiment of the invention.In Figure 17 A, size for threshold value, BLOCKSIZE and the MACSIZE of the length (not comprising message header information) of frame, section is respectively the situation of 52 bytes, 48 bytes, 16 bytes and 8 bytes, and the size of the first grouping FRAGMENT0 and the second grouping FRAGMENY1 is respectively 48 bytes and 4 bytes then.The 3rd BLOCK2 of first section FRAGMENT0 has the data of 12 bytes, stays and corresponding 4 bytes of MAC part.Because whole M AC can be encrypted/deciphering, rather than its part, the encrypt/decrypt of the first grouping FRAGMENT0 can not be done, after a part that receives the second grouping FRAGMENT1.It is such that to be called as MACFRAG unusually unusual.In other words, if MACSIZE less than BLOCKSIZE, receives message header information at reception period, and if current grouping last piece of the section of representative not, so, those latter two blocks is decrypted and be stored in the buffer.
In Figure 17 B, if the size of threshold value, BLOCKSIZE and the MACSIZE of the length of frame (not comprising message header information), section is respectively 54 bytes, 52 bytes, 16 bytes and 8 bytes, the size of a BLOCK1 then second from the bottom is BLOCKSIZE (16 byte), and the size of last piece BLOCK2 is 14 bytes.It is unusual that the situation of Figure 17 b has been described BLOCKFRAG, and this can be handled by keep last piece in buffer unusually.But, the reason that keeps two pieces be the next one (and having only the here) grouping that adds grouping FRAGMENT1 of the size (4 byte) as last piece BLOCK3 of the FRAGMENT0 that equals to divide into groups size (2 byte) with (6 byte) when being not equal to MACSIZE, if make second piece BLOCK2 comprise the part of MAC, can make second piece BLOCK2 size equal BLOCKSIZE.Therefore, if next grouping, the FRAGMENT1 that promptly divides into groups is not last grouping, then then will receive a grouping at grouping FRAGMENT1.If next grouping FRAGMENT1 is last grouping, the big or small addition of the size of the piece BLOCK3 that then will before keep (4 byte) and next message protocol data unit (MPDU).MACSIZE from last grouping is counted as a MAC, and the previous section that keeps be piece and last piece and, perhaps only be last piece.When MACSIZE is greater than or equal to BLOCKSIZE, according to coming reserved block by dividing MACSIZE, round-up with BLOCKSIZE and adding 1 value that obtains (RoundUp (MACSIZE/BLOCKSIZE)+1); So problem is resolved.
Under situation about sending, the sectional door limit value can be set to the multiple of MACSIZE.In other words, when MAC was comprised in the message header information, it is unusual that MACFRAG does not take place.Therefore when generation BLOCKSIZE is unusual, only last piece need be retained in the buffer, so problem is resolved.
Now, go through and to forward the unusual of transmission Exception Type to.Take place so unusual at reception period.If sequentially do not receive grouping, promptly do not send the grouping of inserting and be inserted into the centre that receives grouping from another information source (transmitter), then the value of check and store device is damaged (corrupted).When the grouping of previous reception is not last section of frame, and the information source of the grouping of current reception takes place to send unusual when being different from the information source of previous reception grouping.
Send unusually in order to handle, because the grouping that has received is removed (although last of the previous grouping that receives or two pieces can be retained in the buffer sometimes) usually, for example, buffer can be refreshed.This method is fit to be adopted by the burst transfer of section, for example, uses in observing the WLAN of IEEE802.11 standard.This scheme can be used, because (typically) grouping is seldom receiving from second information source when first information source receives.If but when the time from first information source reception grouping, one or more grouping is continually from second or other information source reception, then except the grouping that receives, the checksum value relevant with the grouping that receives from first information source also is stored, make when when first information source receives packet recovery (by from second or the reception of the grouping that receives of other information source and encrypt/decrypt representative have no progeny), can use and the previous relevant previous checksum value of grouping from the reception of first information source.
At last, go through and forward the unusual of retry Exception Type to.When sending mistake in the communication, carry out retry.According at least one embodiment of the present invention because verification and be that each grouping calculates, and verification and use by last label maker, if carry out repeat verification with should be resumed.When last grouping is not represented in the grouping that receives, the current grouping that receives is a retry grouping, and the section of a frame represent in the grouping that is sent, and when making a mistake in transmission, the generation retry is unusual.
Unusual in order to handle retry according at least one embodiment of the present invention, if owing to carried out retry, and the current grouping that receives is identical with the grouping that has received, and does not then carry out OCB mode (the retry grouping is dropped) when retry divides into groups.Otherwise, operation OCB mode.In addition, determine during sending whether this grouping is a retry grouping.If, calculation check and and when operation OCB mode, carry out and walk around (bypass).
Cryptography processing units 130 generates close of skew, so that during receiving and dispatching the data of input are encrypted or deciphered, and generates label and MAC.Fig. 5 is a calcspar, understands the example according to the cryptography processing units 130 of an alternative embodiment of the invention in more detail.In Fig. 5, cryptography processing units 130 comprises: be offset close starter (OCB_INIT) 132; Piece decipher (BLOCK_DECIPHER) 134; Last piece decipher (LAST_BLOCK_DECIPHER) 136; Label maker (TAG_GENERATOR) 138; Label comparator (TAG_COMPARATOR) 140; Block encryption device (BLOCK_ENTIPHER) 142; Last block encryption device (LAST_BLOCK_ENCIPHER) 144; And message authentication codes (MAC) maker (MAC_GENERATOR) 146.
Cryptography processing units 130 uses close starter 132 of skew, piece decipher 134, last piece decipher 136, label maker 138 and label comparator 140 to be decrypted, and uses close starter 132 of skew, block encryption device 142, last block encryption device 144, label maker 138 and MAC maker 146 to encrypt.
Be offset close starter 132 in the transmitting-receiving manipulate, generate close of an acquiescence skew, and will be offset close and store into and be offset close memory 110.Be offset close starter 132 also by using nonce to generate the value of close record of initial offset (entry) OFFSET0, and the value of stored record OFFSET0 is to being offset close memory 110 (for example, register).
Piece decipher 134 is operated at the piece reception period except last piece of frame, use previous skew record OFFSET (i) to generate next record OFFSET (i+1) in close of skew, and store next record OFFSET (i+1) into memory 110.The piece of 134 pairs of receptions of piece decipher is decrypted, and updates stored in the checksum value that is used to generate label in verification and the memory 112.Last piece decipher 136 is similar with piece decipher 134, still is applicable to last piece of frame is operated.
Label maker 138 is operated at reception period, and by utilizing the verification of upgrading by piece decipher 134 and last piece decipher 136 and generating label.
Whether label comparator 140 is compared the label that generates in the reception period operation with MAC, and determine to take place during sending unusual.For example, if label and MAC differ from one another, mistake has so just taken place.
Block encryption device 142 is operated during the piece except last piece of frame sends, the previous skew record OFFSET of utilization (i) generates the next record OFFSET (i+1) in being offset close, and stores next record OFFSET (i+1) into memory 110.142 pairs of block encryption devices are encrypted except the piece of last piece of the frame that will be sent out, and upgrade verification and, be used to generate MAC.
Last piece decipher 144 is operated during the transmission of last piece of frame, by utilizing precedence record OFFSET (i) to generate the next record OFFSET (i+1) of skew in close, and store next record OFFSET (i+1) into memory 110.144 pairs of last block encryption devices are encrypted last piece of the frame that is sent out, and upgrade verification and, be used to generate MAC.
MAC maker 146 is operated during sending, and by utilizing the verification that block encryption device 142 and last block encryption device 144 upgrade and generating MAC.
With reference to figure 3, block cipher engine 108 receives an encryption key from control unit 102, and by utilize canonical algorithm (for example, DES, AES, etc.) interact with cryptography processing units 130, to carry out encrypt/decrypt.
Be offset close of the skew that close memory 110 storage generates by cryptography processing units 130.
Verification and memory 112 are the memories that use during the abnormality processing sending, and store a group (set), and it comprises transmission address and checksum value.Therefore, when cryptography processing units 130 receives previous grouping and during from the grouping of another transmitter, the difference that cryptography processing units 130 comes the verification address by the appropriate address that is used to self checking and memory 112.
Therefore, in E/D equipment 100, input bus controller 106 sends data BLOCKSIZE (data of sizeBLOCKSIZE) from the size of input buffer 104 to the unit 120 and 130 under the control of control unit 102.The data BLOCKSIZE of size is handled in unit 120 and 130, and sends data to output bus controller 114 subsequently.Unit 132-138 and 142-146 utilize block cipher engine 108 to operate.Close of the skew that is generated by close starter of skew 132 is stored in close memory 110 of skew, and when piece decipher 134, last piece decipher 136 when block encryption device 142 and last block encryption device 144 generate record value in close, is offset close by they uses.Label maker 138 and MAC maker 146 calculate the value that is input to block cipher engine 108.
According at least one other embodiment of the present invention, for example, the transmission of the encryption device that can be carried out by E/D equipment 100 and reception aspect will be described to 15 with reference to figure 6.
In addition, the byte length of MAC is called as MACSIZE, and it is a constant typically.How many bytes variable BYTELEFT indication grouping formerly also remains with after going up and carrying out the OCB mode in buffer.Variable BYTELEFT dynamically upgrades.How many bytes another variable BYTESINBUFFER indication remains with in anterior bumper.Variable BYTESINBUFFER is dynamically upgraded by the equipment that data is put into buffer 104 (for example, the modulator-demodulator under reception condition).Since at OCB mode operation hour according to can being received continuously, the not necessary variation of consumption of the reflection buffer of operating by the OCB mode, variable BYTESINBUFFER can change.
Fig. 6 is a flow chart, and the deciphering that is used to handle the unusual receiving course of the above-mentioned type according to of the present invention has been described.Such process can for example be programmed in the memory (not shown) of equipment 100 at E/D equipment.Such program can be moved under the control of the control unit in the E/D equipment.
With reference to figure 6,, carry out the program RX_HDR that is used to receive message header information at step S200.I haven't seen you for ages, and a kind of unusual (recited above) takes place if be determined to, then at step S210 execute exception handling procedure EX_HANDLE.Otherwise, stop receiving course at step S300.
At step S230, the OCB mode of the unusual corresponding handling procedure OCB of execution and particular type.Determine with processed piece whether be last piece.If then flow process forwards step S260 to, carry out last piece and receive program RX_LAST.If not, then flow process forwards step S280 to, carries out reception program RX_NOT_LAST.After each of step S260 and S280, finish in step S300 flow process.
More particularly, message header message pick-up program S200 receives message header information at step S202, and example as shown in FIG. 7.Fig. 7 is a flow chart, understands the example according to the program RX_HDR of the step S200 of an alternative embodiment of the invention in more detail.At step S204, from the size information L of the message header information acquisition data that receive, and variable COUNTER can initialization.Data size information L is the length of unit indication grouping (except message header) with the byte.Usually, block length is stored in the message header.Here, suppose that nonce also is stored in the message header.The default value of the quantity of the piece that the grouping that is received can be divided (for example, zero) be stored among the variable COUNTER.
In addition, after step S200, execute exception handling procedure EX_HANDLE (step S210).Fig. 8 is a flow chart, understands the example according to the program EX-HANDLE of the step S210 of an alternative embodiment of the invention in more detail.At step S212, the variable that is used to store about the information of previous grouping is defined.For example, variable PREVMOREFRAG can store whether the relevant previous grouping that receives is the information of last section; And variable PREVTA can store the address information of transmitter.
At step S214, if variable PREVMOREFRAG is not 1, to be that last section not have to take place unusual owing to previous grouping so, and it is understood that the previous grouping and the grouping of current reception have nothing to do.If not unusual the generation, flow process forwards step S224 to from step S214 subsequently, so these two variablees are updated, is used for next grouping, and subsequently at step S228 terminator S210.In other words, whether the grouping of having stored respectively about being received is that the information of last section and the variable CURMOREFRAG and the variable CURTA of transmitter address information are used as the variable PREVMOREFRAG of next grouping and the value of variable PREVTA.
At step S214, if variable PREVMOREFRAG is 1, so previous grouping is not last section, and flow process forwards determination step S216 to.At determination step S216, determine whether the transmitter address PREVTA of previous grouping is identical with the transmitter address CURTA of current group.
At step S216, if two transmitter addresses differ from one another, determine so to have taken place to send unusually, and flow process forwards " NO " output of step S216 to.Next,, from memory, removed, and the content of buffer is removed certain quantity, makes enough being remained with the corresponding quantity of variable BYTESLEFT from all groupings that previous variable PREVTA receives at step S218.Variable BYTELEFT is initialised subsequently, for example, is initialized as zero.Here, variable BYTELEFT indication remaining byte after handling grouping previous in buffer according to the OCB mode.At step S216 selectively, if two transmitter addresses are identical, do not take place unusually so, and flow process forwards " YES " output of step S216 to, to determination step S224 (following discussion).
Subsequently, at determination step S220, determine whether the grouping of current reception is indicated as a retry grouping.If flow process forwards determination step S222 to so.The message header information of the retry grouping that usually, is sent comprises whether this grouping of indication is the information of a retry grouping.
At determination step S222, determine whether the grouping of current reception in fact is received.If flow process forwards step S226 to so, the grouping of current reception is removed or abandons.Subsequently, flow process stops at step S229.By the time next grouping is received, and is further processed.
At determination step S220 or S222, be a new grouping (perhaps, in other words, not being an actual content (practical matter) of representing the retry grouping) if receive grouping selectively, flow process forwards step S224, more new variables to so.At step S228, flow process jumps to the program OCB of step S320 subsequently.
Fig. 9 A and 9B are a flow chart together, understand the example according to the program OCB of the step S230 of Fig. 6 of one embodiment of the present of invention in more detail.Here, Fig. 9 A is relevant with the processing of the grouping of the segmentation of representative frame, and Fig. 9 B is relevant with the processing of unsegmented frame.
With reference to figure 9A, flow process begins at determination step S232, and whether the grouping of determining current reception represents the section or the entire frame of a frame.In other words, if current frame is a frame section, flow process forwards step S234 to so.If not, flow process forwards the step S242 (going through below) of Fig. 9 B to.At step S234, carry out OCB mode function of initializing, and the OCB mode is ready.
After step S234, determine at determination step S236 whether the grouping that is received represents last section.If, flow process forwards step S238 to so, determine the quantity m of piece, calculating is used for the value of the variable BYTESLASTBLOCK (is unit with the byte) of last piece, and, and store among the variable BYTELSFT the byte number addition of remaining byte number in the buffer and the received grouping of composition.At step S239, the last piece that flow process jumps to step S260 receives program (being still RX_LAST) subsequently, and this is discussed below.If but determination step S312 determine the grouping of current reception do not represent last the section, flow process forwards step S240 to so.Step S240 and step S238 are alike, except, for example, MACSIZE is not the factor in the equation of m.At step S241, flow process jumps to the program RX_NOT_LAST of step S350 subsequently, and this is discussed below.
If but determine that at determination step S232 the grouping of current reception do not represent last section, (once more) flow process forwards the step S242 of Fig. 9 B to so, determine to receive the quantity m of the piece in the grouping.Quantity m representative receives the size of grouping, and this quantity m obtains by difference divided by BLOCKSIZE of round-up (forming by deducting MACSIZE from L), i.e. RoundUp ((L-MACSIZE).Because the previous grouping that receives may be retained in the buffer,, carry out OCB mode function of initializing, and the OCB mode is ready so buffer is refreshed.Flow process forwards determination step S244 to from step S242.
At determination step S244, whether the value of determining variable COUNTER is less than m-1.If flow process forwards determination step S246 to so.At determination step S246, determine whether the length (for example, the value of variable BYTESINBUFFER) of data in the buffer is greater than or equal to BLOCKSIZE.If step forwards step S248 to so, the execution block decipher function is with decryption block.Subsequently, the value of variable COUNTER adds 1, and flow process is got back to step S244 subsequently.Step S246-S248 is repeated, and becomes up to the value of variable COUNTER to equal m-1.
If COUNTER equals m-1 at determination step S244 variable, flow process forwards step S250 to so.At determination step S250, determine whether variable BYTESINBUFFER is greater than or equal to variable BYTESINBLOCK.If step forwards step S252 to so, carry out last block cipher function and label systematic function.Subsequently, at determination step S254, determine whether variable BYTESINBUFFER is greater than or equal to variable MACSIZE.If step forwards step S256 to so, carry out the label comparing function, and initializing variable BYTESLEFT.Subsequently, stop receiving, wait for the reception of next grouping at step S257.
Figure 10 is a flow chart, understands the example according to the program RX_LAST of the step S260 of an alternative embodiment of the invention in more detail.Flow process begins at determination step S262 in Figure 10, determines that whether variable COUNTER is less than m-1.If flow process forwards determination step S264 to so.At determination step S264, determine whether variable BYTESINBUFFER is greater than or equal to variable BLOCKSIZE.If flow process forwards step S266 to so, the execution block decipher function, and variable COUNTER adds 1.Subsequently, flow process rotates back into step S262, makes step S262-S266 be repeated, and becomes up to variable COUNTER to equal m-1.
If COUNTER equals m-1 at step S262 variable, then flow process forwards step S268 to.At determination step S268, determine whether variable BYTESINBUFFER is greater than or equal to variable BYTESLASTBLOCK.If flow process forwards step S270 to so, carry out last piece decipher function and label systematic function.Flow process forwards determination step S272 to from step S270.
At determination step S272, if variable BYTESINBUFFER is greater than or equal to variable MACSIZE, flow process forwards step S274 to so, carries out the label comparing function, and initializing variable BYTESLEFT.Subsequently, stop receiving, and wait for the reception of next grouping at step S275.
Figure 11 is a flow chart, understands the example according to the program RX_NOT_LAST of the step S280 of an alternative embodiment of the invention in more detail.Flow process begins at determination step S280 in Figure 11, determines that whether variable COUNTER is less than difference m-RoundUp (MACSIZE/BLOCKSIZE)-1.If flow process forwards determination step S284 to so.At determination step S284, determine whether variable BYTESINBUFFER is greater than or equal to variable BLOCKSIZE.If (at determination step S284), flow process forwards step S286 to so, the execution block decipher function, and variable COUNTER adds 1, variable BYTESLEFT minimizing variable BLOCKSIZE.Flow process is got back to step S282 from step S286, makes step S282-S286 be repeated.If but find that at determination step S282 variable COUNTER equals difference M-RoundUp (MACSIZE/BLOCKSIZE)-1, stop receiving at step S287 subsequently, and wait for the reception of next grouping.
Figure 12 is a flow chart, and the encryption of process of transmitting that is used to handle high speed OCB mode according to an alternative embodiment of the invention has been described.Similar to the flow chart of Fig. 6, such process of transmitting can (for example, equipment 100 be programmed in) the memory (not shown), and can move under the control of the control unit of E/D equipment at E/D equipment.Process of transmitting shown in Figure 12 is similar to the receiving course shown in Fig. 6 to 11 except some functions.For example,, replace in the encrypted function of reception period, and exception handler is modified to and walks around (bypass) verification and calculating in the decryptor function of reception period if current grouping is the grouping of retry.During sending, the label systematic function that reception period uses is replaced by the MAC systematic function.During sending, do not carry out the label comparing function.
In Figure 12, flow process begins at step S300, carries out message header information router TX_HDR.Subsequently, carry out last piece router TX_LAST or carry out the router TX_NOT_LAST of non-last piece at step S360 at step S340.After any one step of S330 and S350, flow process finishes at step S360.
Figure 13 A and 13B are a flow chart together, are shown in further detail the example according to the program TX_HDR of the step S300 of an alternative embodiment of the invention.At the step S302 of Figure 13 A, the length of the grouping that calculating will be sent out (is unit with the byte), and initializing variable COUNTER.
At determination step S304, determine whether the grouping that will be sent out is a retry grouping.If, be left in the basket at step S306 checksum value so, (perhaps, in other words, walking around verification and program), and flow process forwards determination step S308 to subsequently.If the grouping that will be sent out is not a retry grouping, then flow process directly forwards determination step S308 to from determination step S304.If,
At determination step S308, determine whether the grouping that will be sent out represents a section of a frame.If flow process forwards step S310 to subsequently, carry out close function of initializing of skew.But if not (at determination step S308), then flow process forwards the step S318 (being discussed below) of Figure 13 B to.
Flow process forwards determination step S312 to from step S310, determines whether the grouping that receives is last section.If, flow process forwards step S314 to so, the value (length) of the variable BYTELASTBLOCK of the quantity m of computing block and last piece, and will be retained in byte number and the byte number addition of forming received grouping in the buffer, and store variable BYTELEFT into.At step S315, flow process jumps to the last block processor TX_LAST (being discussed below) of S330 subsequently.If find to divide into groups not represent last section at determination step S312, flow process forwards step S316 to so.Step S316 is similar to step S314, except, for example MACSIZE is not the factor in the equation of m.At step S317, flow process jumps to the program TX_NOT_LAST (this is discussed below) of step S350 subsequently.
Turn back to determination step S308, if a not fragmented frame is represented in grouping, flow process forwards the step S318 of Figure 13 B to so, the quantity m of computing block.Because the previous grouping that receives remains in the buffer,, carry out OCB mode function of initializing, and the OCB mode is ready so buffer is refreshed.Flow process forwards determination step S320 to from step S318.
At determination step S320, whether the value of determining variable COUNTER is less than m-1.If then flow process forwards determination step S322 to.At determination step S322, determine whether the length (for example, the value of variable BYTESINBUFFER) of the data in the buffer is greater than or equal to BLOCKSIZE.If flow process forwards step S324 to so, the execution block encryption function is with cryptographic block.Subsequently, the value of variable COUNTER is increased 1, and flow process is got back to step S320.Step S320 is repeated to step S324, becomes up to the value of variable COUNTER to equal m-1.
If COUNTER equals m-1 at determination step S320 variable, flow process forwards determination step S326 to.At determination step S326, determine whether variable BYTESINBUFFER is greater than or equal to variable BYTESLASTBLOCK.If then flow process forwards step S328 to, carry out last block encryption function, carry out the MAC systematic function, and initializing variable BYTESLEFT.Stop sending at step S329 subsequently.
Figure 14 is a flow chart, is shown in further detail the example according to the program TX_LAST of the step S330 of an alternative embodiment of the invention.Flow process begins at determination step S332, determines that whether variable COUNTER is less than m-1.If then flow process forwards determination step S336 to, the execution block encryption function, and variable COUNTER adds 1.Subsequently, flow process is turned back to step S332, makes repeating step S332 to S336, becomes up to variable COUNTER to equal m-1.
If COUNTER is m-1 at determination step S332 variable, then flow process forwards determination step S338 to.At determination step S338, determine whether variable BYTESINBUFFER is greater than or equal to variable BYTESLASTBLOCK.If, then forward step S340 to, carry out last block encryption function, carry out the MAC systematic function, and initializing variable BYTESLEFT, for example, be initialized as zero.Stop sending at step S341 subsequently.
Figure 15 is a flow chart, is shown in further detail the example according to the program TX_NOT_LAST of the step S350 of an alternative embodiment of the invention.Flow process begins at determination step S352, determines that whether variable COUNTER is less than difference m-RoundUp (MACSIZE/BLOCKSIZE)-1.If flow process forwards step S354 to so.At determination step S354, determine whether variable BYTESINBUFFER is greater than or equal to variable BLOCKSIZE.If flow process forwards S356 to so, the execution block encryption function, variable COUNTER adds 1, and variable BYTESLEFT deducts variable BLOCKSIZE.Flow process rotates back into step S352 from step S356, makes repeating step S352 to S356.If but find that at determination step S352 variable COUNTER equals difference m-RoundUp (MACSIZE/BLOCKSIZE)-1, stop sending at step S357.
As previously described, carry out following step according to the E/D equipment of at least one embodiment of the present invention.
Come treatments B LOCKFRAG unusual by in buffer, keeping a piece that is used in the OCB mode in the grouping that sends and receive segmentation.The piece of two or RoundUp (MACSIZE/BLOCKSIZE)+1 size is retained in the buffer, and is unusual to handle MACFRAG.Ignore to receive and divide into groups and refresh buffer, unusual to handle retry.
For reception, when storing the reception grouping, checksum value is stored together, and making can be by searching and utilizing the preceding value of transmitter address to handle transmission unusually.If grouping is received retry grouping, retry is not divided into groups to carry out the OCB mode as handling the unusual mode of retry so.For transmission,, when carrying out the OCB mode, walk around verification and calculating so as handling the unusual mode of retry if grouping is a retry grouping.
According at least one embodiment of the present invention, if the amount of the data that receive in buffer when sending and receive grouping is less than or equal to BLOCKSIZE, carry out the appropriate section of OCB mode so with a block cipher or a plurality of block cipher, make it possible to reduce the encryption time.
Figure 18 is a calcspar, and the configuration according to the mobile system 400 of an alternative embodiment of the invention has been described.Mobile system 400 comprises a modulator-demodulator 410, and modulator-demodulator 410 itself comprises an E/D equipment 412.E/D equipment 412 can be equivalent to E/D equipment 100 etc.Mobile system 400 also provides typical mobile system assembly, for example, and a CPU 402 and a memory 404.Mobile system 400 is carried out data communication via WLAN.
E/D equipment 412 is from memory 404 sense datas, and in transmission data encrypted and sent, and outputs to memory 404 to the data deciphering and with data decryption in reception.
E/D equipment according at least one embodiment of the present invention can be carried out encryption when sending grouping, and when receiving grouping, carry out deciphering, make transmission/time of reception and encrypt/decrypt time to overlap each other, owing to can reduce the delay of encrypt/decrypt, and can provide data security feature and need not a large amount of losses of data-handling capacity.
For those skilled in the art clearly, the present invention can carry out various modifications and variations.Therefore, such modifications and variations will be within the scope of the present invention.

Claims (16)

1. encryption device comprises:
Input circuit, the frame that is used for receiving are segmented into two or more grouping, and with the form of littler relatively data block, controllably increase progressively each grouping of output;
Controller receives the information of relevant frame, and the input circuit by piece causes and increases progressively release, and controls encrypt/decrypt according to close (OCB) mode of skew;
The abnormality processing circuit receives the message header information of relevant grouping, according to message header information determine since segmentation whether during encrypt/decrypt, can take place unusual, and to controller give information header and relevant imminent unusual information; And
Password processing circuit generates and close of storage skew, label and message authentication codes (MAC), and comes to carry out according to the OCB mode encrypt/decrypt of piece based on them.
2. encryption device as claimed in claim 1, wherein input circuit comprises:
Input buffer, received frame and it is stored as two or more groupings; And
The input bus controller increases progressively respectively to discharge and represent the piece of two or more grouping to arrive abnormality processing circuit and password processing circuit.
3. encryption device as claimed in claim 1, wherein password processing circuit comprises:
The block cipher engine, slave controller receives encryption key, and handles the piece that is used for encrypt/decrypt;
Encryption processor generates and stores close of skew, label and message authentication codes (MAC), and under the control of controller, coordinates with the block cipher engine, and piece is carried out encrypt/decrypt; And
Be offset close memory, be used for close of storage skew.
4. encryption device as claimed in claim 3, wherein:
Password processing circuit further comprises verification and memory, with the storage verification and and the transmitter address; And
Encryption processor comprises
Be offset close starter, be created on the value of the original records in being offset close, and store this original records to close memory of skew,
The piece decipher, the next record based on generating at the precedence record of skew in close in close of skew is decrypted the piece except last piece of frame, and upgrade verification with,
Last piece decipher generates next record in close of skew based on the precedence record in close of skew, last piece of frame is decrypted, and upgrade verification and,
The label maker is operated at reception period, based on the verification of upgrading with generate label,
The label comparator is operated at reception period, with label and MAC relatively, according to described relatively export and indicate whether make a mistake,
The block encryption device based on the next record that generates at the precedence record of skew in close in close of skew, is encrypted the piece except last piece of frame, and upgrade verification with,
Last block encryption device generates next record in close of skew based on the precedence record in close of skew, last piece of frame is encrypted, and upgrade verification and, and
The MAC maker is based on verification of upgrading and generation MAC.
5. encryption device as claimed in claim 1, wherein the abnormality processing circuit comprises:
The message header information-storing device is used for the storing message header;
Segmentation abnormality processing circuit receives the first message header information of dividing into groups from input circuit, and if block or MAC will be divided, and then discern segmentation and will take place unusually, and will determine that the result offers controller;
Send the abnormality processing circuit, receive message header information from message header information-storing device and input circuit, if previous grouping is to send from different transmitters with current grouping, then identification sends and will take place unusually, and will determine that the result offers controller; And
Retry abnormality processing circuit, if one of grouping of current reception is a retry grouping, and the grouping that will send is wrong, then discerns retry and will take place unusually, and will determine that the result offers controller.
6. encryption device as claimed in claim 5, wherein as imminent when unusual, and at least one piece of previous grouping had been when being retained in the input circuit, and controller is operationally controlled encrypt/decrypt and is begun.
7. encryption device as claimed in claim 5, wherein when imminent transmission was unusual, controller caused that operationally input circuit abandons the grouping of current reception.
8. encryption device as claimed in claim 5, if the transmitter of the wherein previous grouping that receives is different from the transmitter of the grouping of current reception, then controller is operationally controlled next grouping and is deciphered with being separated.
9. encryption device as claimed in claim 5, wherein when imminent retry was unusual, controller was operationally controlled and is not carried out the close the manner of skew.
10. encryption device as claimed in claim 5, wherein when imminent retry was unusual, controller was operationally controlled the repeating transmission of grouping.
11. the transmission/reception period in the grouping of data network utilizes close (OCM) method of skew to carry out the method for encrypt/decrypt, this method comprises:
Receive two or the message header information of more first grouping at least of dividing into groups of the frame of representing segmentation;
Each of two or more grouping is divided into littler piece;
Determine during the encrypt/decrypt of piece that based on this message header information segmentation is unusual, it is unusual to send and whether retry in unusual can take place; And
According to the determined encrypt/decrypt of carrying out the OCM mode unusually.
12. method as claimed in claim 11, wherein, the execution of OCM mode encrypt/decrypt comprises:
If it is unusual to determine can segmentation to take place, at least one piece that keeps previous grouping, carry out the encrypt/decrypt of next grouping;
The deciphering of the grouping by being independent of previous reception and the grouping of current reception is decrypted the grouping of current reception, handle send unusual; And
If retry is about to take place unusually, it is unusual to handle retry by the grouping that abandons current reception.
13. method as claimed in claim 11, wherein
It is unusual when last piece of a part that forms grouping or MAC are divided segmentation to take place;
Carrying out OCM mode encrypt/decrypt comprises
If to be about to that segmentation takes place unusual owing to the division of last piece, keep last piece, and if MAC divided, then keep last piece and a piece at least one piece before in the end.
14. a piece level encrypting/decrypting method that is used in the close the manner of skew of transmission/reception period operation, this method comprises:
Reception is with the frame of encrypted/decrypted data;
Before finishing receiving, frame begins frame is divided at least two groupings;
At least one that began before frame finishes receiving grouping is divided at least two or more piece;
Before frame finishes receiving, discharge the piece of at least one grouping, be used for encrypt/decrypt;
Piece at least one grouping before frame finishes receiving carries out encrypt/decrypt.
15. method as claimed in claim 14, wherein before the finishing receiving of frame, all pieces except last piece of last grouping are encrypted/deciphering.
16. method as claimed in claim 14 further comprises:
The identification segmentation is unusual, it is unusual to send and retry in unusual will be taken place;
Wherein, one in segmentation, transmission and retry are unusual is identified as when being about to take place, unusual according to what discerned, changes encrypt/decrypt.
CNA2004100387557A 2003-02-17 2004-02-17 Device for block level offset codebook mode operation and method thereof Pending CN1538655A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR9789/2003 2003-02-17
KR20030009789A KR100560658B1 (en) 2003-02-17 2003-02-17 Apparatus and method for high performance offset codebook mode with block-level operation

Publications (1)

Publication Number Publication Date
CN1538655A true CN1538655A (en) 2004-10-20

Family

ID=32844853

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2004100387557A Pending CN1538655A (en) 2003-02-17 2004-02-17 Device for block level offset codebook mode operation and method thereof

Country Status (5)

Country Link
US (1) US20040161105A1 (en)
JP (1) JP2004254313A (en)
KR (1) KR100560658B1 (en)
CN (1) CN1538655A (en)
TW (1) TWI256224B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8208495B2 (en) 2006-07-26 2012-06-26 Qualcomm Incorporated Data transmission with supplemental resources
CN101594227B (en) * 2008-05-30 2012-06-27 华为技术有限公司 Methods and devices for data encrypting and decrypting and communication system
CN108197502A (en) * 2018-01-11 2018-06-22 苏州国芯科技有限公司 A kind of SPI transmission methods, device, controller, encryption chip and communication equipment
CN110727542A (en) * 2019-09-18 2020-01-24 陕西法士特齿轮有限责任公司 Hex file processing method and application

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100612255B1 (en) * 2005-01-11 2006-08-14 삼성전자주식회사 Apparatus and method for data security in wireless network system
AU2006205295B2 (en) 2005-01-11 2009-09-03 Samsung Electronics Co., Ltd. Apparatus and method for ciphering/deciphering a signal in a communication system
GB2422752A (en) * 2005-02-01 2006-08-02 3Com Corp Deciphering encapsulated and enciphered UDP datagrams
GB2424556A (en) * 2005-03-23 2006-09-27 3Com Corp Packet fragment deciphering with cipher state storage
JP2007041223A (en) * 2005-08-02 2007-02-15 Mitsubishi Electric Corp Data distribution device and data communications system
KR100954224B1 (en) * 2007-11-06 2010-04-21 한국전자통신연구원 Apparatus for offset code book coding
US8509439B2 (en) * 2007-12-31 2013-08-13 Intel Corporation Assigning nonces for security keys
JP5273141B2 (en) 2008-04-15 2013-08-28 日本電気株式会社 Block cipher with adjustment value, cipher generation method and recording medium
US8634549B2 (en) * 2008-05-07 2014-01-21 Red Hat, Inc. Ciphertext key chaining
US8396209B2 (en) 2008-05-23 2013-03-12 Red Hat, Inc. Mechanism for chained output feedback encryption
JP5275514B2 (en) * 2009-04-29 2013-08-28 インテル・コーポレーション Differential feedback scheme for closed-loop MIMO beamforming
DE112010003149B4 (en) * 2009-07-31 2023-09-14 International Business Machines Corporation Collaborative encryption and decryption by agents
CN103490900B (en) * 2013-09-29 2017-01-04 福建星网锐捷网络有限公司 Encryption and authentication method and equipment
CN107451046B (en) * 2016-05-30 2020-11-17 腾讯科技(深圳)有限公司 Method and terminal for detecting threads

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3746098B2 (en) * 1996-02-28 2006-02-15 株式会社日立製作所 Data encryption device
US6427173B1 (en) * 1997-10-14 2002-07-30 Alacritech, Inc. Intelligent network interfaced device and system for accelerated communication
TW375721B (en) * 1998-06-17 1999-12-01 Ind Tech Res Inst DES chip processor capable of executing data encryption standard (DES) operation
US6601217B1 (en) * 2000-04-13 2003-07-29 Sun Microsystems, Inc. System and method for error correction in an electronic communication
DE60135347D1 (en) * 2000-07-14 2008-09-25 Irdeto Access Bv ARCHITECTURE FOR SECURE PACKAGE-BASED DATA DISTRIBUTION
US7046802B2 (en) * 2000-10-12 2006-05-16 Rogaway Phillip W Method and apparatus for facilitating efficient authenticated encryption
US6876669B2 (en) * 2001-01-08 2005-04-05 Corrigent Systems Ltd. Packet fragmentation with nested interruptions

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8208495B2 (en) 2006-07-26 2012-06-26 Qualcomm Incorporated Data transmission with supplemental resources
CN101496336B (en) * 2006-07-26 2014-02-12 高通股份有限公司 Communication systems and methods that minimize repetition of data packets by using supplemental resources
CN101594227B (en) * 2008-05-30 2012-06-27 华为技术有限公司 Methods and devices for data encrypting and decrypting and communication system
CN108197502A (en) * 2018-01-11 2018-06-22 苏州国芯科技有限公司 A kind of SPI transmission methods, device, controller, encryption chip and communication equipment
CN110727542A (en) * 2019-09-18 2020-01-24 陕西法士特齿轮有限责任公司 Hex file processing method and application
CN110727542B (en) * 2019-09-18 2023-02-28 陕西法士特齿轮有限责任公司 Hex file processing method and application

Also Published As

Publication number Publication date
KR100560658B1 (en) 2006-03-16
TWI256224B (en) 2006-06-01
TW200501697A (en) 2005-01-01
KR20040074266A (en) 2004-08-25
US20040161105A1 (en) 2004-08-19
JP2004254313A (en) 2004-09-09

Similar Documents

Publication Publication Date Title
CN1538655A (en) Device for block level offset codebook mode operation and method thereof
US11870759B2 (en) Technologies for accelerated QUIC packet processing with hardware offloads
US8020006B2 (en) Pipeline for high-throughput encrypt functions
US20080065885A1 (en) Data processing apparatus
US9910790B2 (en) Using a memory address to form a tweak key to use to encrypt and decrypt data
JP5205075B2 (en) Encryption processing method, encryption processing device, decryption processing method, and decryption processing device
CN1075040A (en) In energy measurement is used to the method and apparatus of data encryption/discriminating
CN101060408A (en) Message authentication code producing apparatus, message authentication code verifying apparatus, and authentication system
CN105531713A (en) Generating multiple secure hashes from a single data buffer
CN1909443A (en) Data distribution apparatus and data communications system
CN1540916A (en) Encrypted information pack processing appts, method, program and program recording medium
CN1663172A (en) Round key generation for AES RIJNDAEL block cipher
US7657757B2 (en) Semiconductor device and method utilizing variable mode control with block ciphers
CN115244524A (en) Method and apparatus for inadvertent transmission using trusted environment
US20070081673A1 (en) CCM encryption/decryption engine
US8938072B2 (en) Cryptographic key derivation device and method therefor
US7376685B2 (en) Apparatus and method for computing SHA-1hash function
CN109923829A (en) Reach an agreement to secret value
US8560832B2 (en) Information processing apparatus
US9596218B1 (en) Methods and systems of encrypting messages using rateless codes
KR101658397B1 (en) Lightweight cryptographic apparatus using PRESENT
CN1231871C (en) Countermeasure method in electronic component using dynamic secret key cryptographic algorithm
US7971239B2 (en) Device control apparatus
CN111049639A (en) Dynamic data encryption and decryption implementation method based on FPGA
KR102117758B1 (en) Lightweight Cryptographic Accelerated Operation Processing Method In Power Platform Server EnvironmentEnvironment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20041020